I'm currently setting up a batch file to ssh from a Windows machine into a Ubuntu machine and issue a series of commands. I'm using plink, and I'm using the -m argument to pass a .txt file with a list of commands.
The batch file code that runs through cmd:
set PATH=c:\path\to\plink.exe
plink.exe -ssh -t user#ipaddress -pw <psw> -m c:\path\to\textFile\commands.txt
The commands.txt code:
sudo -s #access the root login
<root psw> #enter the password for the root login
command-1 #issue a command in linux as root
command-2 #issue a command in linux as root
command-3 #issue a command in linux as root
The issue I'm running into is that when I run this batch file, the output within command prompt still prompts the user to manually enter the password. Is there a means to input the password form the next line of the commands.txt file? Or does this process require something else?
As even your question says, the file commands.txt specified by -m switch should contain commands. A password is not a command.
Moreover, the commands in the file are executed one-by-one. The sudo (had it worked) would execute an interactive shell session and wait for a user input (commands). Only once the sudo exits, the following commands (command-1, etc) are executed.
Automating password input for sudo is generally a bad idea. If you need to run some commands that require root privileges, a better solution is to associate a dedicated private key with the commands in sudoers file. And then use sudo and the private key in Plink.
Anyway, to automate an input (of a password in this case) to a command, you need to use an input redirection. The same is true for commands to be executed within (not after) sudo.
Like:
(
echo passwod
echo command-1
echo command-2
) | plink.exe -ssh -t user#ipaddress -pw <psw> sudo -s
As now there's only one real top-level command - sudo, I'm specifying it directly on Plink command-line, instead of using -m switch. Functionally, it's identical.
Related
In the putty manual outlines how to use the program with command line parameters. I have this setup with a shortcut on my toolbar to automatically log me into my server.
"C:\Program Files\PuTTY\putty.exe" username#server -pw .... -C
However, I'd like to run a simple script to automatically put me in a specific directory once I log in. I saw there's the -m command to give "a local file name, and it will read a command from that file".
With a file at the destination I've tried the following options:
"C:\Program Files\PuTTY\putty.exe" username#server -pw .... -C -m "C:\local file\script.txt"
"C:\Program Files\PuTTY\putty.exe" username#server -pw .... -C -m "C:\local file\script.sh"
"C:\Program Files\PuTTY\putty.exe" username#server -pw .... -C -m "/server/file/with/755/permissions/script.sh"
And nothing worked.
I'm trying to find an example of this parameter and use but I can't find one. How can I properly use this parameter.
Quoting the docs,
The -m option performs a similar function to the ‘Remote command’ box in the SSH panel of the PuTTY configuration box (see section 4.19.1). However, the -m option expects to be given a local file name, and it will read a command from that file.
And quoting section 4.19.1,
In SSH, you don't have to run a general shell session on the server. Instead, you can choose to run a single specific command (such as a mail user agent, for example). If you want to do this, enter the command in the ‘Remote command’ box.
Note that most servers will close the session after executing the command.
Note the "instead". This is not a command to run in the shell before passing control to you. This is a command to run instead of a shell.
You can't just put cd /wherever and expect to end up in a shell in directory /wherever. You might be able to write a command that will run a shell in the directory you want and give you control, though I'm not sure how to get all the details correct.
I'm trying to set some automation inside local network and started working with some shell scripting and something that I saw - very strange behaviour SSH inside script according to how script running(with or without sudo):
What I have:
ComputerA and ComputerB.
Inside ComputerA:
A shell script script.sh:
cp /dir1/file1 /dir2/file2
ssh username#ComputerB "sudo reboot"
/etc/ssh/ssh_config file with some configurations to work without ssh-keys (they always changes on ComputerB):
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
GlobalKnownHostsFile=/dev/null
Inside ComputerB:
In /etc/sudoers file:
username ALL=(ALL:ALL) NOPASSWD:ALL
When I connecting through SSH to ComputerA and running script.sh without sudo, I get permission error to write to /dir2 (it's OK) and next command on ComputerB executes normally (reboots ComputerB), but I'm running sudo script.sh. It copy file and then I got strange - SSH asks me username password. Tried different variants to change ssh command to something like:
ssh -t username#ComputerB "echo user_pass | sudo -S reboot"
but nothing helped.
So I need help to figure out what happens and what to do to execute sudo script.sh without entering password for ssh command inside.
Thanks!
Don't run script.sh with sudo on computerA; instead modify the script like so:
sudo cp /dir1/file1 /dir2/file2
ssh username#ComputerB "sudo reboot"
The reason that you're seeing the strange behaviour is that you're actually becoming root on computerA (I assume you have a keypair set-up for your regular user and expect to connect to computerB passwordless?), and that root on computerA doesn't have a keypair that computerB knows about.
I'm attempting to launch putty via the command line in such a way that it runs a command on the server (I want to create a windows shortcut, to tail a log file)
So far I have a batch file containing this
"C:\Program Files (x86)\PuTTY\putty.exe" -ssh -t -pw -m tail_catalina_out -load "myprofile"
And within my server I have a file at the root directory named tail_catalina_out with the following contents.
tail -f /opt/tomcat/logs/catalina.out
Putty launches and my session starts successfully, but no command appears to be carried out despite this? Am I misunderstanding how this works?
You don't need -ssh with -load profile (and if you use a nonstandard port like my test it doesn't work at all); in fact you don't need it with [user#]host because it's the default
-pw -m tail_catalina_out uses -m as your password (which I hope is incorrect, so you should be reprompted unless publickey auth is set-up) and ignores tail_catalina_out
the file for -m must be local i.e. on the PuTTY machine not on the server (although the commands in it will be sent to, and must be valid on, the server)
Thus: "\path\to\putty" -t -m localcmdfile -load profile
You could also use plink which runs in the console and takes either -m localfile or the actual remote command on the command line after the last option (like the OpenSSH client ssh):
"\path\to\plink" -t -load profile tail -f remotefile
As usual, you can omit the quotes around the path if it contains no space. Personally I use \progra~2 instead of bothering with "\program files (x86)" but that's just me, and it may depend on a clean install (instead of upgrade).
I am using below command to open putty through windows command prompt:
PUTTY.EXE -ssh -pw "mypass" user#IP -m C:/my.sh -t
Where my.sh mentioned in above command file contains:
sudo su - rootuser
After executing the command, putty console is opened and it prompts for password.
Is there any way where I can provide this password automatically without typing it?
There's a bit of a horrible workaround using Expect and embedding a password.
This is a bad idea.
As an alternative:
Configure sudo to allow NOPASSWD.
Login directly as root using public-private key auth.
Both these introduce a degree of vulnerability, so should be used with caution - but any passwordless auth has this flaw.
Finally, after struggling for almost whole day, I got the way to get this working.
Below command can be executed from windows machine:
PLINK.EXE -t -ssh -pw "password" user#IP /home/mydir/master.sh
master.sh file is located on remote machine. And this file contains below command to execute script with sudo command without prompting password.
echo password | sudo u user -S script.sh
Here, password should be replaced with your password. user should be replaced with your actual user and script.sh is the script on remote machine that you want to fire after sudo login.
I have a shared SSH keys with another server so I can login without a password. Executing:
rsync -avze ssh --blocking-io --delete --rsh='ssh -p2020' user#XXX.XX.XXX.XX:/foo/* /bar/;
Runs fine. No password prompt. But that command in a bash file:
#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
rsync -avze ssh --blocking-io --delete --rsh='ssh -p2020' user#XXX.XX.XXX.XX:/foo/* /bar/;
Run like so:
sudo ./copyfiles.sh
Gives me this:
user#XXX.XX.XXX.XX's password:
Any ideas why?
You seem to be running the script as root (sudo) but run the command line as some other user (this is just a guess). Most likely, the public key of the root user is not present on the destination machine.
The sudo program is probably creating a new shell without some SSH environment variables.
Try
sudo -E ./copyfiles.sh